Difference between revisions of "Accessing Onsite Webpages From Offsite"
(Created page with "Some webpages are not accessible from outside the JLab network. To get to these from offsite, you'll need to setup an ssh tunnel using your CUE account. Here is an example of ...") |
(No difference)
|
Revision as of 12:08, 18 September 2014
Some webpages are not accessible from outside the JLab network. To get to these from offsite, you'll need to setup an ssh tunnel using your CUE account. Here is an example of how to run web browser from a VNC session on a machine at JLab so you can access internal web pages. A couple of notes:
Start VNC server on jlabl1
1.) ssh to login.jlab.org and from there, ssh to jlabl1
> ssh login.jlab.org ... jlabl14% ssh jlabl1
2.) start a private VNC server
jlabl1.jlab.org:~> vncserver -geometry 1200x1000 New 'jlabl1.jlab.org:96 (davidl)' desktop is jlabl1.jlab.org:96 Starting applications specified in /home/davidl/.vnc/xstartup Log file is /home/davidl/.vnc/jlabl1.jlab.org:96.log
Note the number "96" in the above. Since a specific port number was not given with the vncserver command, the system automatically found a free port. In my case, this was "96". The actual TCP port that we will need to tunnel to will be this plus 5900. In the current example, this would be: 5900+96=5996. Each private VNC session will need to use a unique port.
The server is now running and you may log out. It will remain there until you explicitly kill it (or the computer is rebooted). This means you generally will not need to do steps 1.) and 2.) in the future and can go directly to step 3.). Just make sure to remember your port number.
3.) From your offsite computer setup two ssh tunnels that will connect you through the login server to jlabl1. Setting up a tunnel is done with the -Lport1:host:port2 where "port1" is the TCP port on your local machine to listen on, host and port2 describe where to forward connections to on the other side of the tunnel. In the example below, we listen on port 5996 on the local computer and forward connections to port 54321 on login.jlab.org. We use 54321 in this example as a port that hopefully no one else is using. (You could use 5996 here as well, but may run into conflicts with persons tunneling VNC sessions not going to jlabl1.) The second ssh command listens on the same port number on login.jlab.org (54321 in this case) effectively connecting the two tunnels. It forwards it to port 5996 on jlabl1.
> ssh -L5996:localhost:54321 login.jlab.org ... jlabl14% ssh -L54321:localhost:5996 jlabl1
4.) Start up your local VNC client software.
Linux
> svnviewer localhost:96
Mac OS X
> open vnc://localhost:5996
